Small Businesses: Don’t Make These 7 Common Cybersecurity Mistakes

Written by Blogger

Guest Blog Post: Lance Cody-Valdez

Hackers are going after SMBs with a vengeance – 43 percent of all cyberattacks are directed toward these smaller companies, according to a Hacked report.  SMBs make for “soft” targets, as many don’t have basic cybersecurity safeguards in place and are uninformed when it comes to relevant best practices. To make matters worse, some make inadvertent mistakes that leave them extra vulnerable, and, consequently even easier pickings to hackers.

Below, Paraben Corporation covers 7 common cybersecurity mistakes you might be making and offers some suggestions for doing better:

Not taking cybersecurity seriously enough

Cybersecurity is often way down the priority list for businesses. The common sentiment is that cyber threats are not truly a serious problem and that attacks happen to other people, not them. The statistics don’t bear this out, unfortunately. Not only are hackers targeting smaller businesses, but the majority of hacked companies will go out of business in 6 months, making cyber threats a grave danger indeed. Essentially, cybersecurity is non-optional.

Not training employees

The leading cause of cyber breaches is human error.  Employees often make mistakes, without meaning to, such as leaving their credentials lying around or unconsciously clicking on a malicious link. Infosec shares some other interesting examples. Training them on cyber threats and setting up a company-wide “do’s and dont’s” policy can help plug this glaring security hole.

Not following networking best practices

Most hackers will enter your systems through the internet, remotely – hardware-based hacks are difficult to pull off and, consequently, rarer. As such, securing your network goes a long way toward keeping you safe. Unfortunately, again, this is something many companies fail to account for. Calyptix offers several network security recommendations – implementing zero trust, using NACs, controlling access, configuring logging, and safeguarding network management tools. 

Failing to password-protect files

Often, there’s a great deal of sensitive data in files, whether that’s customer-related information or the company’s intellectual property. These files aren’t always password-locked, meaning anyone can open and read them. Putting passwords on sensitive files is an excellent way to keep their data safe. That way, even if someone manages to snag them, they still won’t be able to open them.

You can use online tools to reliably password-protect files. For instance, you can use this digital tool to quickly sign and fill in a PDF form, you can use the tool’s password-protect feature to share it securely with approved recipients, without having to print or mail it in. Simply upload the file online to make changes, then (optionally) download it and share. 

Failing to patch software in time

Hackers frequently attempt to gain access to a company’s data through vulnerabilities in third-party apps being used for key tasks – such as a bookkeeping tool that takes care of their taxes. Developers frequently release software updates to patch known vulnerabilities. If your business doesn’t install the update in time, it may leave itself open to an attack.

Not working with reliable partners

Your business may have the best cybersecurity in town, but what happens if it outsources a work process to a company that has the poorest? What if you use a SaaS solution offered by a third party that doesn’t have its cybersecurity act together? It’s important that you choose reliable partners for your various needs, whether that’s specific to cybersecurity or anything else. Paraben Corporation provides cutting-edge solutions specializing in forensics, risk assessment, and security. 

Not having a disaster recovery plan

Even the best-protected companies get hacked. The fallout needs to be carefully managed and minimized to prevent permanent damage to the company’s operations and, perhaps more importantly, its reputation. For instance, if there’s no data backup in place and customer data is stolen, there may be no way to retrieve customer data. This could be disastrous to customers and, by extension, your business. A disaster recovery plan can help you quickly get back up and running again, with minimum loss to operations or reputation.


Hackers are getting more devious as well as technologically advanced as time goes by. You can best keep your company safe by ensuring you follow the latest recommendations from the experts for everything from using a computer to sharing information. And, of course, don’t make common mistakes! 

Forensic-Impact Articles

Making an Investigations Sock Puppet

Making an Investigations Sock Puppet

Transcript Hello and welcome to the next edition of, the Forensic Impact blog. I'm Amber Schroader. I have been off the video blog for a hot minute because I have broken my ankle, as you can see by my scooter. This is the best background I can get going right now. So,...

Empowering Small Businesses: The Significance of Data Governance

Empowering Small Businesses: The Significance of Data Governance

Guest Blog Post In today's digitally driven world, data is the lifeblood of businesses, regardless of their size. Small businesses, in particular, stand to gain significantly from harnessing the power of data. This article from Paraben Corporation delves into the...

Strengthening Your Career In Digital Investigations

Strengthening Your Career In Digital Investigations

Transcript Hi there, and welcome to another installment of forensic impact. I'm Amber Schroader, and this week I am sharing with you information about strengthening your career in digital investigations. This was a topic conversation that I had with one of the blog...